﻿using System;
using System.Collections;
using System.Collections.Generic;
using System.Data;
using System.Data.SqlClient;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using DHAA.Areas.Administrator.Models;
using DHAA.Global;

namespace DHAA.Areas.Administrator.Controllers
{
    public class CustomerController : Controller
    {
        readonly GlobalController globalController = new GlobalController();
        private SqlConnection sqlConnection;
        private SqlDataAdapter sqlDataAdapter;
        private SqlCommand sqlCommand;
      //
        // GET: /Administrator/Customer/

        public ActionResult Index()
        {
            Session["AdminID"] = 1;

            if (Session["AdminID"] == null)
            {
                ViewData["MessageError"] = "You haven't loggin!";
                return RedirectToAction("Index", "Admin");
            }
            sqlConnection = globalController.getConnection();
            sqlDataAdapter = new SqlDataAdapter("SELECT * FROM dbo.Customers", sqlConnection);
            var ds = new DataSet();
            sqlDataAdapter.Fill(ds);
            sqlConnection.Close();


            var ada = ds.Tables[0];
            IList<CustomerModels> list = (from DataRow r in ada.Rows
                                       select new CustomerModels()
                                       {
                                           CustomerID = r.Field<int>("CustomerID"),
                                           CustomerName = r.Field<string>("CustomerName"),
                                           UserName = r.Field<string>("UserName"),
                                           Password = r.Field<string>("Password"),
                                         }).ToList();
            return PartialView("Index",list);
                        



          //  return View(list);
        }

        //
        // GET: /Administrator/Customer/Details/5

       //
        // GET: /Administrator/Customer/Create

        public ActionResult Create()
        {
            return PartialView("Create");
        } 

        //
        // POST: /Administrator/Customer/Create

        [HttpPost]
        public ActionResult Create(CustomerModels cus)
        {
            if(String.IsNullOrEmpty(cus.Password))
            {
                return PartialView();
            }
            
            if(cus.Password != cus.ConfirmPassword)
            {
                ViewData["MessageError"] = "Confirm Password does not match!";
                return PartialView();
            }

            cus.Password = globalController.password2md5(cus.Password);
           

            try
            {
                sqlConnection = globalController.getConnection();
                sqlCommand = new SqlCommand("InsertCustomer", sqlConnection){CommandType = CommandType.StoredProcedure};
                var pr = new[]
                             {
                                 new SqlParameter("@UserName", cus.UserName),
                                 new SqlParameter("@Password", cus.Password),
                                 new SqlParameter("@CustomerName", cus.CustomerName)
                             };

                sqlCommand.Parameters.AddRange(pr);
                sqlCommand.ExecuteNonQuery();
                ViewData["MessageSuccess"] = "Created successful : " + cus.CustomerName;
                return PartialView("Create", cus);
             }
                catch
                {
                    ViewData["MessageError"] = "Cannot create new Customer";
                    return PartialView();
                }
        }
        
        //
        // GET: /Administrator/Customer/Edit/5
 
        public ActionResult Edit(int id)
        {
            sqlConnection = globalController.getConnection();
            sqlDataAdapter = new SqlDataAdapter("SelectCustomerByID", sqlConnection)
                                 {
                                     SelectCommand = {CommandType = CommandType.StoredProcedure}
                                 };
            var pr = new SqlParameter("@CustomerID", id);
            sqlDataAdapter.SelectCommand.Parameters.Add(pr);
            var ds = new DataSet();
            sqlDataAdapter.Fill(ds);

            var row = ds.Tables[0].Rows[0];

            if(!row.IsNull(0))
            {
                var cus = new CustomerModels
                                         {
                                           CustomerID = row.Field<int>("CustomerID"),
                                           CustomerName = row.Field<string>("CustomerName"),
                                           Password = row.Field<string>("Password"),
                                           UserName = row.Field<string>("UserName")
                                         };
                return PartialView("Edit", cus);
            }
            
           return PartialView();
        }

        //
        // POST: /Administrator/Customer/Edit/5

        [HttpPost]
        public ActionResult Edit(int id, CustomerModels cus)
        {
            if (String.IsNullOrEmpty(cus.Password))
            {
                return PartialView();
            }

            if (cus.Password != cus.ConfirmPassword)
            {
                ViewData["MessageError"] = "Confirm Password does not match!";
                return PartialView();
            }

            cus.Password = globalController.password2md5(cus.Password);


            try
            {
                sqlConnection = globalController.getConnection();
                sqlCommand = new SqlCommand("UpdateCustomerByID", sqlConnection) { CommandType = CommandType.StoredProcedure };
                var pr = new[]
                             {
                                 new SqlParameter("@UserName", cus.UserName),
                                 new SqlParameter("@Password", cus.Password),
                                 new SqlParameter("@CustomerName", cus.CustomerName),
                                 new SqlParameter("@CustomerID", id)
                             };

                sqlCommand.Parameters.AddRange(pr);
                sqlCommand.ExecuteNonQuery();
                ViewData["MessageSuccess"] = "Edited successful : " + cus.CustomerName;
                return PartialView("Edit", cus);
            }
            catch
            {
                ViewData["MessageError"] = "Cannot edit this customer";
                return PartialView();
            }
        }

        //
        // GET: /Administrator/Customer/Delete/5
 
        public ActionResult Delete(int id)
        {

            sqlConnection = globalController.getConnection();
            sqlDataAdapter = new SqlDataAdapter("SelectCustomerByID", sqlConnection)
            {
                SelectCommand = { CommandType = CommandType.StoredProcedure }
            };
            var pr = new SqlParameter("@CustomerID", id);
            sqlDataAdapter.SelectCommand.Parameters.Add(pr);
            var ds = new DataSet();
            sqlDataAdapter.Fill(ds);

            var row = ds.Tables[0].Rows[0];

            if (!row.IsNull(0))
            {
                var cus = new CustomerModels
                {
                    CustomerID = row.Field<int>("CustomerID"),
                    CustomerName = row.Field<string>("CustomerName"),
                    Password = row.Field<string>("Password"),
                    UserName = row.Field<string>("UserName")
                };
                return PartialView("Delete", cus);
            }

            return PartialView("Delete");
        }

        //
        // POST: /Administrator/Customer/Delete/5

        [HttpPost]
        public ActionResult Delete(int id, FormCollection collection)
        {
            try
            {
                sqlConnection = globalController.getConnection();
                sqlCommand = new SqlCommand("DeleteCustomerByID", sqlConnection) { CommandType = CommandType.StoredProcedure };
                var pr = new SqlParameter("@CustomerID", id);
           

                sqlCommand.Parameters.Add(pr);
                sqlCommand.ExecuteNonQuery();
                ViewData["MessageSuccess"] = "Deleted Successful";
                return PartialView("Message");
            }
            catch
            {
                ViewData["MessageError"] = "Cannot edit this customer";
                return PartialView();
            }
        }
    }
}
